Partager via


Informations de référence sur les commandes PowerShell de configuration rapide

Cet article dresse la liste des commandes PowerShell qui peuvent être utilisées avec la configuration rapide de l’évaluation des vulnérabilités SQL.

Effectuez une copie locale du script situé dans le module wrapper PowerShell de configuration rapide, puis enregistrez le fichier sous le nom SqlVulnerabilityAssessmentCommands.psm1, qui peut être référencé avec les commandes suivantes :

Définir la base de référence de l’évaluation des vulnérabilités SQL

Exemple 1 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Set-SqlVulnerabilityAssessmentBaseline -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -Body '{  "properties": {    "latestScan": true,    "results": {}  }}'

Results:

Headers    : {[Pragma, System.String[]], [x-ms-request-id, System.String[]], [x-ms-ratelimit-remaining-subscription-writes, System.String[]], [x-ms-correlation-request-id, System.String[]]...}
Version    : 1.1
StatusCode : 200
Method     : PUT
Content    : {"properties":{"results":{"VA1143":[["True"]],"VA1219":[["False"]]}},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/serv
             ers/vulnerabilityaseessmenttest/databases/db/sqlVulnerabilityAssessments/Default/baselines/Default","name":"Default","type":"Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines"}

Exemple 2 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Set-SqlVulnerabilityAssessmentBaseline -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -Body '{
  "properties": {
    "latestScan": false,
    "results": {
      "VA2062": [
        [
          "AllowAll",
          "0.0.0.0",
          "255.255.255.255"
        ]
      ]
    }
  }
}'

Results:

Headers    : {[Pragma, System.String[]], [x-ms-request-id, System.String[]], [x-ms-ratelimit-remaining-subscription-writes, System.String[]], [x-ms-correlation-request-id, System.String[]]...}
Version    : 1.1
StatusCode : 200
Method     : PUT
Content    : {"properties":{"results":{"VA2062":[["AllowAll","0.0.0.0","255.255.255.255"]]}},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/providers/Microso
             ft.Sql/servers/vulnerabilityaseessmenttest/databases/db/sqlVulnerabilityAssessments/Default/baselines/Default","name":"Default","type":"Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baseline
             s"}

Obtenir la base de référence de l’évaluation des vulnérabilités SQL

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentBaseline -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db

Results:

Headers    : {[Pragma, System.String[]], [x-ms-request-id, System.String[]], [x-ms-ratelimit-remaining-subscription-reads, System.String[]], [x-ms-correlation-request-id, System.String[]]...}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"properties":{"results":{"VA1143":[["True"]],"VA1219":[["False"]]}},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/serv
             ers/vulnerabilityaseessmenttest/databases/db/sqlVulnerabilityAssessments/Default/baselines/Default","name":"Default","type":"Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines"}

Définir la règle de base de l’évaluation des vulnérabilités SQL

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Set-SqlVulnerabilityAssessmentBaselineRule -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -RuleId VA2062 -Body '{
  "properties": {
     "latestScan": false,
     "results": [
         [
           "AllowAll",
           "0.0.0.0",
           "255.255.255.255"
         ]
     ]
   }
 }'

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : PUT
Content    : {"properties":{"results":[["AllowAll","0.0.0.0","255.255.255.255"]]},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/dat
             abases/db/sqlVulnerabilityAssessments/Default/baselines/default/rules/VA2062","name":"VA2062","type":"Mic
             rosoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines"}

Obtenir la règle de base de l’évaluation des vulnérabilités SQL

Exemple 1 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentBaselineRule -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -RuleId VA2062

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"properties":{"results":[["AllowAll","0.0.0.0","255.255.255.255"]]},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/dat
             abases/db/sqlVulnerabilityAssessments/Default/baselines/default/rules/VA2062","name":"VA2062","type":"Mic
             rosoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines"}

Exemple 2 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentBaselineRule -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"value":[{"properties":{"results":[["True"]]},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/r
             esourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/databases/db/sqlVulnerab
             ilityAssessments/Default/baselines/default/rules/VA1143","name":"VA1143","type":"Microsoft.Sql/servers/dat
             abases/sqlVulnerabilityAssessments/baselines"},{"properties":{"results":[["False"]]},"id":"/subscriptions/
             00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/m
             igrationsql1/databases/db/sqlVulnerabilityAssessments/Default/baselines/default/rules/VA1219","name":"VA1
             219","type":"Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines"},{"properties":{"resul
             ts":[["AllowAll","0.0.0.0","255.255.255.255"]]},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/
             resourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/databases/db/sqlVulnera
             bilityAssessments/Default/baselines/default/rules/VA2062","name":"VA2062","type":"Microsoft.Sql/servers/da
             tabases/sqlVulnerabilityAssessments/baselines"}]}

Supprimer la règle de base de l’évaluation des vulnérabilités SQL

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Remove-SqlVulnerabilityAssessmentBaselineRule -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -RuleId VA2062

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : DELETE
Content    :

Obtenir les résultats d’analyse de l’évaluation des vulnérabilités SQL

Exemple 1 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentScanResults -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -ScanId latest -RuleId VA2062

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"properties":{"ruleId":"VA2062","status":"NonFinding","errorMessage":null,"isTrimmed":false,"queryResults
             ":[],"remediation":{"description":"Remove database firewall rules that grant excessive access","scripts":[
             ],"automated":false,"portalLink":""},"baselineAdjustedResult":null,"ruleMetadata":{"ruleId":"VA2062","seve
             rity":"High","category":"SurfaceAreaReduction","ruleType":"NegativeList","title":"Database-level firewall
             rules should not grant excessive access","description":"The Azure SQL Database-level firewall helps protec
             t your data by preventing all access to your database until you specify which IP addresses have permission
             . Database-level firewall rules grant access to the specific database based on the originating IP address
             of each request.\n\nDatabase-level firewall rules for master and user databases can only be created and ma
             naged through Transact-SQL (unlike server-level firewall rules which can also be created and managed using
              the Azure portal or PowerShell). For more details please see: https://docs.microsoft.com/azure/sql-
             database/sql-database-firewall-configure\n\nThis check verifies that each database-level firewall rule doe
             s not grant access to more than 255 IP addresses.","rationale":"Often, administrators add rules that grant
              excessive access as part of a troubleshooting process - to eliminate the firewall as the source of a prob
             lem, they simply create a rule that allows all traffic to pass to the affected database.\n\nGranting exces
             sive access using database firewall rules is a clear security concern, as it violates the principle of lea
             st privilege by allowing unnecessary access to your database. In fact, it's the equivalent of placing the
             database outside of the firewall.","queryCheck":{"query":"SELECT name AS [Firewall Rule Name]\n    ,start_
             ip_address AS [Start Address]\n    ,end_ip_address AS [End Address]\nFROM sys.database_firewall_rules\nWHE
             RE ( \n        (CONVERT(bigint, parsename(end_ip_address, 1)) +\n         CONVERT(bigint, parsename(end_ip
             _address, 2)) * 256 + \n         CONVERT(bigint, parsename(end_ip_address, 3)) * 65536 + \n         CONVER
             T(bigint, parsename(end_ip_address, 4)) * 16777216 ) \n        - \n        (CONVERT(bigint, parsename(star
             t_ip_address, 1)) +\n         CONVERT(bigint, parsename(start_ip_address, 2)) * 256 + \n         CONVERT(b
             igint, parsename(start_ip_address, 3)) * 65536 + \n         CONVERT(bigint, parsename(start_ip_address, 4)
             ) * 16777216 )\n      ) > 255","expectedResult":[],"columnNames":["Firewall Rule Name","Start Address","En
             d Address"]},"benchmarkReferences":[]}},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resource
             Groups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/databases/db/sqlVulnerabilityAs
             sessments/Default/scans/VA2062/scanResults/VA2062","name":"VA2062","type":"Microsoft.Sql/servers/databases
             /sqlVulnerabilityAssessments/scans/scanResults"}

Exemple 2 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentScanResults -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -ScanId latest

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"value":[
            {"properties":{"ruleId":"VA1219","status":"No
             nFinding","errorMessage":null,"isTrimmed":false,"queryResults":[["False"]],"remediation":{"description":"E
             nable TDE on the affected databases","scripts":[],"automated":false,"portalLink":"EnableTDE"},"baselineAdj
             ustedResult":{"baseline":{"expectedResults":[["False"]],"updatedTime":"2023-05-15T08:52:39.3476874+00:00"}
             ,"status":"NonFinding","resultsNotInBaseline":[],"resultsOnlyInBaseline":[]},"ruleMetadata":{"ruleId":"VA1
             219","severity":"Medium","category":"DataProtection","ruleType":"Binary","title":"Transparent data encrypt
             ion should be enabled","description":"Transparent data encryption (TDE) helps to protect the database file
             s against information disclosure by performing real-time encryption and decryption of the database, associ
             ated backups, and transaction log files 'at rest', without requiring changes to the application. This rule
              checks that TDE is enabled on the database.","rationale":"Transparent Data Encryption (TDE) protects data
              'at rest', meaning the data and log files are encrypted when stored on disk.","queryCheck":{"query":"SELE
             CT CASE\n        WHEN EXISTS (\n                SELECT *\n                FROM sys.databases\n
                 WHERE db_name(database_id) = db_name()\n                    AND is_encrypted = 0\n                )\n
                        THEN 1\n        ELSE 0\n        END AS [Violation]","expectedResult":[["0"]],"columnNames":["Vi
             olation"]},"benchmarkReferences":[{"benchmark":"FedRAMP","reference":null}]}},"id":"/subscriptions/f000000
    00-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/
    vulnerabilityaseessmenttest/databases/db/sqlVulnerabilityAssessments/Default/scans/VA1219/scanResults/VA1219","name":"VA1219","
             type":"Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/scans/scanResults"},{"prope
             rties":{"ruleId":"VA1223","status":"NonFinding","errorMessage":null,"isTrimmed":false,"queryResults":[],"r
             emediation":{"description":"Create new certificates, re-encrypt the data/sign-data using the new key, and
             drop the affected keys.","scripts":[],"automated":false,"portalLink":""},"baselineAdjustedResult":null,"ru
             leMetadata":{"ruleId":"VA1223","severity":"High","category":"DataProtection","ruleType":"NegativeList","ti
             tle":"Certificate keys should use at least 2048 bits","description":"Certificate keys are used in RSA and
             other encryption algorithms to protect data. These keys need to be of enough length to secure the user's d
             ata. This rule checks that the key's length is at least 2048 bits for all certificates.","rationale":"Key
             length defines the upper-bound on the encryption algorithm's security. Using short keys in encryption algo
             rithms may lead to weaknesses in data-at-rest protection.","queryCheck":{"query":"SELECT name AS [Certific
             ate Name], thumbprint AS [Thumbprint]\nFROM sys.certificates\nWHERE key_length < 2048","expectedResult":[]
             ,"columnNames":["Certificate Name","Thumbprint"]},"benchmarkReferences":[{"benchmark":"FedRAMP","reference
             ":null}]}},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttestRg/p
             roviders/Microsoft.Sql/servers/vulnerabilityaseessmenttest/databases/db/sqlVulnerabilityAssessments/Default/scans/VA122
             3/scanResults/VA1223","name":"VA1223","type":"Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/
             scans/scanResults"}]}

Obtenir l’analyse de l’évaluation des vulnérabilités SQL

Exemple 1 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentScans -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db -ScanId latest

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"properties":{"scanId":"f64d81a1-9d7b-4516-a623-a1bfc845ed7e","triggerType":"OnDemand","state":"Passed","
             startTime":"2023-04-17T12:52:41.4142209Z","endTime":"2023-04-17T12:52:41.5235755Z","server":"vulnerabilityaseessmenttest
             ","database":"db","sqlVersion":"16.0.5100","highSeverityFailedRulesCount":0,"mediumSeverityFailedRulesCou
             nt":0,"lowSeverityFailedRulesCount":0,"totalPassedRulesCount":24,"totalFailedRulesCount":0,"totalRulesCoun
             t":24,"isBaselineApplied":true},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/m
             igrationscripttests/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/databases/db/vulnerabilityAssessments/D
             efault/scans/f64d81a1-9d7b-4516-a623-a1bfc845ed7e","name":"f64d81a1-9d7b-4516-a623-a1bfc845ed7e","type":"M
             icrosoft.Sql/servers/databases/vulnerabilityAssessments/scans"}

Exemple 2 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentScans -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"value":[{"properties":{"scanId":"f64d81a1-9d7b-4516-a623-a1bfc845ed7e","triggerType":"OnDemand","state":
             "Passed","startTime":"2023-04-17T12:52:41.4142209Z","endTime":"2023-04-17T12:52:41.5235755Z","server":
    "vulnerabilityaseessmenttest","database":"db","sqlVersion":"16.0.5100","highSeverityFailedRulesCount":0,"mediumSeverityFail
             edRulesCount":0,"lowSeverityFailedRulesCount":0,"totalPassedRulesCount":24,"totalFailedRulesCount":0,"tota
             lRulesCount":24,"isBaselineApplied":true},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resour
             ceGroups/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/databases/db/vulnerabilityAss
             essments/Default/scans/f64d81a1-9d7b-4516-a623-a1bfc845ed7e","name":"f64d81a1-9d7b-4516-a623-a1bfc845ed7e"
             ,"type":"Microsoft.Sql/servers/databases/vulnerabilityAssessments/scans"}]}

Appeler l’analyse de l’évaluation des vulnérabilités SQL

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Invoke-SqlVulnerabilityAssessmentScan -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -DatabaseName db

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [Location, System.String[]], [Retry-After, S
             ystem.String[]]…}
Version    : 1.1
StatusCode : 202
Method     : POST
Content    : {"operation":"ExecuteDatabaseVulnerabilityAssessmentScan","startTime":"2023-05-15T10:58:48.367Z"}

Obtenir le paramètre de serveur d’évaluation des vulnérabilités SQL

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Get-SqlVulnerabilityAssessmentServerSetting -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : GET
Content    : {"properties":{"state":"Enabled"},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups
             /vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/sqlVulnerabilityAssessments/Default","
             name":"Default","type":"Microsoft.Sql/servers/sqlVulnerabilityAssessments"}

Définir le paramètre de serveur d’évaluation des vulnérabilités SQL

Exemple 1 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Set-SqlVulnerabilityAssessmentServerSetting -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -State 'Enabled'

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : PUT
Content    : {"properties":{"state":"Enabled"},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups
             /vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/sqlVulnerabilityAssessments/Default","
             name":"Default","type":"Microsoft.Sql/servers/sqlVulnerabilityAssessments"}

Exemple 2 :

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Set-SqlVulnerabilityAssessmentServerSetting -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest -State 'Disabled'

Headers    : {[Cache-Control, System.String[]], [Pragma, System.String[]], [x-ms-request-id, System.String[]], [Server,
              System.String[]]…}
Version    : 1.1
StatusCode : 200
Method     : PUT
Content    : {"properties":{"state":"Disabled"},"id":"/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroup
             s/vulnerabilityaseessmenttestRg/providers/Microsoft.Sql/servers/vulnerabilityaseessmenttest/sqlVulnerabilityAssessments/Default",
             "name":"Default","type":"Microsoft.Sql/servers/sqlVulnerabilityAssessments"}

Supprimer le paramètre de serveur d’évaluation des vulnérabilités SQL

Connect-AzAccount -Subscription 00000000-1111-2222-3333-444444444444
Import-Module .\SqlVulnerabilityAssessmentCommands.psm1
Remove-SqlVulnerabilityAssessmentServerSetting -SubscriptionId 00000000-1111-2222-3333-444444444444 -ResourceGroupName vulnerabilityaseessmenttestRg -ServerName vulnerabilityaseessmenttest


Headers    : {[Pragma, System.String[]], [x-ms-request-id, System.String[]], [x-ms-ratelimit-remaining-subscription-deletes, System.String[]], [x-ms-correlation-request-id, System.String[]]...}
Version    : 1.1
StatusCode : 200
Method     : DELETE
Content    :

Étapes suivantes

Rechercher et corriger les vulnérabilités dans vos bases de données Azure SQL